Submitted URL: https://urlz.fr/b2SE
Effective URL: http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
Submission: On November 13 via manual from US

Summary

This website contacted 31 IPs in 9 countries across 34 domains to perform 55 HTTP transactions. The main IP is 195.208.1.104, located in Russian Federation and belongs to RU-CENTER, RU. The main domain is www.shkola41.ru.
This is the only time www.shkola41.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

This site contains no links.

Subject: ssl412106.cloudflaressl.com
Issuer: COMODO ECC Domain Validation Secure Server CA 2
Validity: 2019-08-10 - 2020-02-16
Valid: 6 months

Subject: *.themoneytizer.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2019-02-15 - 2021-02-14
Valid: 2 years

Subject: onetag-sys.com
Issuer: Let's Encrypt Authority X3
Validity: 2019-10-10 - 2020-01-08
Valid: 3 months

Subject: www.noowho.com
Issuer: Gandi Standard SSL CA 2
Validity: 2017-02-07 - 2020-02-07
Valid: 3 years

Subject: s.cpx.to
Issuer: COMODO RSA Domain Validation Secure Server CA
Validity: 2015-02-10 - 2020-02-09
Valid: 5 years

Subject: *.quantserve.com
Issuer: DigiCert SHA2 High Assurance Server CA
Validity: 2019-10-04 - 2020-10-07
Valid: a year

Subject: *.360yield.com
Issuer: Amazon
Validity: 2019-09-24 - 2020-10-24
Valid: a year

Subject: *.sharethis.mgr.consensu.org
Issuer: Go Daddy Secure Certificate Authority - G2
Validity: 2018-05-21 - 2020-05-21
Valid: 2 years

Subject: adtrack.adleadevent.com
Issuer: Amazon
Validity: 2019-06-30 - 2020-07-30
Valid: a year

Subject: *.truoptik.com
Issuer: Go Daddy Secure Certificate Authority - G2
Validity: 2018-11-13 - 2020-11-13
Valid: 2 years

Subject: sni.cloudflaressl.com
Issuer: CloudFlare Inc ECC CA-2
Validity: 2019-09-16 - 2020-09-15
Valid: a year

This page contains 6 frames:

Primary Page: http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
Frame ID: CF5051B1CBC36CCAE6E89A972166B70B
Requests: 49 HTTP requests in this frame

Frame: http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
Frame ID: 57F9B0F02E4E0E4AC178562614FFCB1D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1573608612849
Frame ID: B73AEED65316F68EC07A972B24F126CD
Requests: 1 HTTP requests in this frame

Frame: http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
Frame ID: 814163FC7EE5D33BA9BF1321F091AAEA
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 5FC9E9B964497B82D0FBC43ABC20F785
Requests: 1 HTTP requests in this frame

Frame: http://track.adform.net/adfscript/?bn=33840285;rtbwp=7ACC54D1E2597AA3;rtbdata=3xUQHRdb82BXDm-riwbqkRjnGbCTvkk0dAEmHTd8wDrao8D_YLy1s23BxwIWqjSNGxecdqKS51spumvIvVlx4Ww2zNhSuQK_39ylcwln_5ZY_LXvltSz9CcPpt6SAMZxikSyMY6XAlxEXMoFgYU56c2dbAd0z6yaFS54yIRaxKR630HoPH95pKkgMNX8G5kfEGkvyaRJLRG_X-MPY2AlIdKb8zKBUnyDSAWVgExTW7Y1;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/1a021cc4-b7b4-4441-bf04-dbca06e7aa59/
Frame ID: 2D3CAD88E3FB5BB537B173E42F7E660A
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 55
HTTPS: 33 %
IPv6: 21 %
Domains: 34
Subdomains: 38
IPs: 31
Countries: 9
Transfer: 456 kB
Size: 899 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlz.fr/b2SE HTTP 301
    http://urlz.fr/b2SE Page URL
  2. http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://urlz.fr/b2SE HTTP 301
  • http://urlz.fr/b2SE
Request Chain 11
  • http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • http://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 12
  • http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback HTTP 302
  • https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Request Chain 20
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=364007018502529207&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/10/7/3.gif?puid=1106941982942313904&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
Request Chain 22
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Request Chain 27
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216fce0dc494c63d%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb2SE%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224833453ade81cd%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2247b5a95a-f244-4d83-ba31-3024b42d1eca%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216fce0dc494c63d%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb2SE%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224833453ade81cd%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2247b5a95a-f244-4d83-ba31-3024b42d1eca%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Request Chain 42
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B9DC1A47-184F-49A0-9E84-B5837805B261&fid=9218226a-f5e3-4001-b85a-347dc26837cb
Request Chain 43
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb HTTP 302
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb
Request Chain 44
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=9218226a-f5e3-4001-b85a-347dc26837cb HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=9218226a-f5e3-4001-b85a-347dc26837cb&google_gid=CAESEFH3D5576aYewfCWDbo8-uc&google_cver=1
Request Chain 45
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=186229433259958887&pid=11528&ref=&hn_ver=10&fid=9218226a-f5e3-4001-b85a-347dc26837cb
Request Chain 53
  • http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/ufjoc64vf_f.png HTTP 302
  • http://onlyadshere.info/ HTTP 301
  • https://onlyadshere.info/

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
b2SE
urlz.fr/
Redirect Chain
  • https://urlz.fr/b2SE
  • http://urlz.fr/b2SE
3 KB
1 KB
Document
General
Full URL
http://urlz.fr/b2SE
Protocol
HTTP/1.1
Server
2606:4700:31::681f:ab2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc7661967ab54f4ff9777ef80e7d17c5d74ee0e8c39f67b130097e6cf4ec943

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d148bf810e3e6640d0634e42b3f80abdb1573608612
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
534cfaa38ee359d6-VIE
Content-Encoding
gzip

Redirect headers

status
301
date
Wed, 13 Nov 2019 01:30:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d148bf810e3e6640d0634e42b3f80abdb1573608612; expires=Thu, 12-Nov-20 01:30:12 GMT; path=/; domain=.urlz.fr; HttpOnly
location
http://urlz.fr/b2SE
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
534cfaa2c850cba4-VIE
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/b2SE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300a::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 01:30:12 GMT
content-encoding
gzip
last-modified
Mon, 04 Nov 2019 17:30:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc06049-2fb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
534cfaa40ee7cba0-VIE
alt-svc
h3-23=":443"; ma=86400
expires
Fri, 15 Nov 2019 01:30:12 GMT
/
www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/ Frame 57F9
0
0
Document
General
Full URL
http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
Requested by
Host: urlz.fr
URL: http://urlz.fr/b2SE
Protocol
HTTP/1.1
Server
195.208.1.104 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
std-carp4-http.nic.ru
Software
openresty/1.13.6.2 / PHP/5.6.39
Resource Hash

Request headers

Host
www.shkola41.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b2SE
Accept-Encoding
gzip, deflate

Response headers

Server
openresty/1.13.6.2
Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.39
Content-Encoding
gzip
requestform.js
ads.themoneytizer.com/s/
35 KB
8 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
5d75cb22fb7ce2ed873ad964147b5b2ee585ed75096219f3082f4727444e5553

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Thu, 14 Nov 2019 01:30:12 GMT
gen.js
ads.themoneytizer.com/s/
8 KB
3 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
afa9fb95b610a889e744ede0461b995ff3ab0ed1d517f1d47b3a4c797ec070c8

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:29:54 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2742
Expires
Thu, 14 Nov 2019 01:29:54 GMT
/
g.themoneytizer.net/g/
26 B
200 B
Script
General
Full URL
http://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:30:12 GMT
Server
nginx
X-IPLB-Instance
29821
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/
12 KB
4 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 01:30:12 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:07 GMT
server
nginx
etag
"779a-308e-582e3105a6be4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Thu, 14 Nov 2019 01:29:24 GMT
moneybile.js
ads.themoneytizer.com/
37 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 01:30:12 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Thu, 14 Nov 2019 01:29:37 GMT
/
onetag-sys.com/usync/ Frame B73A
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1573608612849
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1573608612849
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://urlz.fr/b2SE
accept-encoding
gzip, deflate, br

Response headers

status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie
OTP=HYRdIr7DbNaLMt9JsddGZwKlwrCygeJV9QFkgMv1jLw; path=/; expires=Fri, 12 Nov 2021 01:30:12; domain=onetag-sys.com; SameSite=None;
content-type
text/html
expires
Sun, 01-Jan-2034 12:34:56 GMT
cache-control
max-age=2628000,public
content-encoding
gzip
getjs.static.js
tag.contextweb.com/
32 KB
11 KB
Script
General
Full URL
http://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 01:30:12 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
max-age=432000, public
x-envoy-upstream-service-time
2
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/
1 KB
2 KB
Script
General
Full URL
http://p.cpx.to/p/11528/px.js?r=1919c
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
13.224.196.26 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-26.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 Nov 2019 07:12:36 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
670657
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
o2_pzHid4eWTUafM7qQXth3rSxyuHehhI2_r2vb8ArPPnYI_Mz_ByQ==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • http://ww1097.smartadserver.com/config.js?nwid=1097
  • http://ced-ns.sascdn.com/diff/js/smart.js
24 KB
8 KB
Script
General
Full URL
http://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 12:08:33 GMT
Server
ECS (fcn/40E6)
Cache-Control
max-age=86400
Etag
"1fc11a0f5e30485338c4562812f21662:1567685313"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
X-N
S
Accept-Ranges
bytes
Content-Length
8004

Redirect headers

Location
http://ced-ns.sascdn.com/diff/js/smart.js
Date
Wed, 13 Nov 2019 01:30:12 GMT
Cache-Control
private
Content-Length
158
Content-Type
text/html; charset=utf-8
sync
gum.criteo.com/
Redirect Chain
  • http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
  • https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
0
0

libJsLP.js
tag.leadplace.fr/
3 KB
3 KB
Script
General
Full URL
http://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:30:12 GMT
Last-Modified
Wed, 28 Nov 2018 09:16:40 GMT
Server
nginx/1.14.2
ETag
"5bfe5cf8-a72"
X-IPLB-Instance
30195
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
quant.js
edge.quantserve.com/
12 KB
6 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
91.228.74.221 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13-Nov-2019 01:30:12 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Wed, 20 Nov 2019 01:30:12 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
13.224.197.12 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-197-12.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 09:03:25 GMT
Via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
59207
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
zhFZMqXklCMY53Q6hmpSqb2W2lv_6w-f5F_9UhZLasflNxwSwnW5JA==
prebid.js
ads.themoneytizer.com/moneybid2_31/build/dist/
409 KB
130 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
fcbae18825d52376d32deb98bdc1a8f7bb517dce83afb11ea0335670b66eea8a

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 01:30:12 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 17:51:51 GMT
server
nginx
etag
"3ba96-663d5-596d96fcf8651"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
132349
expires
Thu, 14 Nov 2019 01:29:41 GMT
sdk.js
player.pepsia.com/
39 KB
39 KB
Script
General
Full URL
http://player.pepsia.com/sdk.js?d=16e6261e3f6
Requested by
Host: urlz.fr
URL: http://urlz.fr/b2SE
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:30:12 GMT
Last-Modified
Tue, 29 Oct 2019 09:15:39 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5db8033b-9b78"
Content-Length
39800
Content-Type
application/javascript
/
www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/ Frame 8141
0
0
Document
General
Full URL
http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
Requested by
Host: urlz.fr
URL: http://urlz.fr/b2SE
Protocol
HTTP/1.1
Server
195.208.1.104 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
std-carp4-http.nic.ru
Software
openresty/1.13.6.2 / PHP/5.6.39
Resource Hash

Request headers

Host
www.shkola41.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b2SE
Accept-Encoding
gzip, deflate

Response headers

Server
openresty/1.13.6.2
Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.39
Content-Encoding
gzip
image.php
www.noowho.com/
1 KB
2 KB
Image
General
Full URL
https://www.noowho.com/image.php?site=23690713&ref=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:39:58 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1469
Content-Type
image/gif
gdpr_consent=
sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/2/8/2.gif?puid=364007018502529207&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/10/7/3.gif?puid=1106941982942313904&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
0
0

fire.js
s.cpx.to/
942 B
2 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=9218226a-f5e3-4001-b85a-347dc26837cb
Requested by
Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=1919c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.138.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-138-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 13 Nov 2019 01:30:12 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
942
Expires
Thu, 24 Oct 2019 10:23:59 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
1 KB
968 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:9000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 00:57:00 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2018
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
OayEWXzCGmCHmyOdAz15cwIdMPP5k_1_t3BNIdyIY69jdCmKdSlysA==
via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)

Redirect headers

Date
Wed, 13 Nov 2019 01:30:12 GMT
Via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
H-LF10nTUjDt5dVV7lbJF-cXBMPzFbEzQkrrdgI-59rLb3YNb2Iv6g==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 02:46:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
1032249
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30186
X-XSS-Protection
0
Expires
Sat, 31 Oct 2020 02:46:03 GMT
wckr.php
tag.leadplace.fr/ Frame 5FC9
0
0
Document
General
Full URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b2SE
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.2
Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
30195
localstore.js
script.4dex.io/
409 B
922 B
Script
General
Full URL
http://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
2606:4700:30::681c:112a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 08 Nov 2019 16:41:30 GMT
Server
cloudflare
Age
64
ETag
W/"4b47be3773e54c93b4788a00c3d0324b"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
534cfaa6bfbe599a-VIE
x-amz-request-id
E205EC7F8B3AC631
x-amz-id-2
tg0zdSk7HKeAKbhRu/gchSB+iyy1ZTfqgME55pvp4KPygCA5shlyWfVUvif8wNFGPSIULzrRj5g=
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
733 B
XHR
General
Full URL
http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1573608612920&pKey=-590911130&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2Fb2SE&playerSize=640x480&
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 01:30:12 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1573608612930002-159
Expires
Wed, 13 Nov 2019 01:30:12 GMT
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216fce0dc494c63d%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216fce0dc494c63d%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz....
3 KB
2 KB
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216fce0dc494c63d%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb2SE%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224833453ade81cd%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2247b5a95a-f244-4d83-ba31-3024b42d1eca%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.234.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-234-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 01:30:12 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://urlz.fr
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1778

Redirect headers

date
Wed, 13 Nov 2019 01:30:12 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216fce0dc494c63d%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb2SE%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224833453ade81cd%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2247b5a95a-f244-4d83-ba31-3024b42d1eca%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://urlz.fr
access-control-allow-credentials
true
content-type
text/plain
content-length
0
prebid
ib.adnxs.com/ut/v3/
143 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 01:30:14 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.8:80
AN-X-Request-Uuid
183a97e0-9f2f-45a0-9b95-d86d6f1dda9b
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/
15 B
508 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

content-encoding
gzip
status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
http://urlz.fr
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/
3 KB
3 KB
XHR
General
Full URL
http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=atf&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.31.0&x_source.tid=47b5a95a-f244-4d83-ba31-3024b42d1eca&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.90351816149537
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=484
Content-Length
1431
Expires
Wed, 17 Sep 1975 21:32:10 GMT
moneybid.js
ads.themoneytizer.com/bidder1/
631 B
666 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop&country=DE
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Nov 2019 01:30:12 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
435
expires
Thu, 14 Nov 2019 01:30:12 GMT
prebid
ib.adnxs.com/ut/v3/
255 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 01:30:14 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid
4db41414-0817-445e-bce8-10e15ea1a4c5
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
255
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel;r=1988765660;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2Fb2SE;fpan=1;fpa=P0-1851582499-1573608612954;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;...
pixel.quantserve.com/
35 B
494 B
Image
General
Full URL
http://pixel.quantserve.com/pixel;r=1988765660;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2Fb2SE;fpan=1;fpa=P0-1851582499-1573608612954;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1573608612954;tzo=-60;ogl=
Protocol
HTTP/1.1
Server
91.228.74.228 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 01:30:12 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
get_consent
c.sharethis.mgr.consensu.org/
13 B
404 B
XHR
General
Full URL
https://c.sharethis.mgr.consensu.org/get_consent
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16e6261e3f6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:c000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 01:30:12 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
status
200
etag
W/"d-+DingHfG0CPg0LypXw8zXfS4tGg"
vary
Origin,Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
http://urlz.fr
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
13
x-amz-cf-id
0dX2rcDWlGr3i_ECNa34kSGbO7Ow-NFIoqET6uXF6dJy1cbgVEJCag==
indexv2.php
player.pepsia.com/V2/
170 B
412 B
XHR
General
Full URL
http://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&gdpr=1&d=16e6261e45f
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16e6261e3f6
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
algov2.php
player.pepsia.com/V2/
1 KB
728 B
XHR
General
Full URL
http://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=http://urlz.fr&d=16e6261e460
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16e6261e3f6
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Wed, 13 Nov 2019 01:30:13 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
notifyme.php
adtrack.adleadevent.com/
0
517 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.175.102 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-175-102.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 01:30:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 01:30:13 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
adagio.js
script.4dex.io/
0
0

/
c.tmyzer.com/c/
0
0

/
c.tmyzer.com/c/
0
200 B
XHR
General
Full URL
http://c.tmyzer.com/c/?s=99999999&f=99999999&fi=0
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 13 Nov 2019 01:30:13 GMT
Server
nginx
X-IPLB-Instance
24855
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/
0
0

sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B9DC1A47-184F-49A0-9E84-B5837805B261&fid=9218226a-f5e3-4001-b85a-347dc26837cb
95 B
881 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B9DC1A47-184F-49A0-9E84-B5837805B261&fid=9218226a-f5e3-4001-b85a-347dc26837cb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.138.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-138-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 13 Nov 2019 01:30:13 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 13 Nov 2019 01:30:13 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B9DC1A47-184F-49A0-9E84-B5837805B261&fid=9218226a-f5e3-4001-b85a-347dc26837cb
Date
Wed, 13 Nov 2019 01:30:13 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
447
Content-Type
text/html; charset=iso-8859-1
getuid
ads.avocet.io/
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb
0
0

ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=9218226a-f5e3-4001-b85a-347dc26837cb
  • https://s.cpx.to/ca.png?dsp=dbm&fid=9218226a-f5e3-4001-b85a-347dc26837cb&google_gid=CAESEFH3D5576aYewfCWDbo8-uc&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=9218226a-f5e3-4001-b85a-347dc26837cb&google_gid=CAESEFH3D5576aYewfCWDbo8-uc&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.138.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-138-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 13 Nov 2019 01:30:13 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 13 Nov 2019 01:30:13 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=9218226a-f5e3-4001-b85a-347dc26837cb&google_gid=CAESEFH3D5576aYewfCWDbo8-uc&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb
  • https://s.cpx.to/an_fire?app_nexus_uid=186229433259958887&pid=11528&ref=&hn_ver=10&fid=9218226a-f5e3-4001-b85a-347dc26837cb
95 B
864 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=186229433259958887&pid=11528&ref=&hn_ver=10&fid=9218226a-f5e3-4001-b85a-347dc26837cb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.138.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-138-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 13 Nov 2019 01:30:13 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 13 Nov 2019 01:30:13 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 01:30:15 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.40:80
AN-X-Request-Uuid
347f275e-0a9d-4b50-b5e3-a5f5f6475576
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=186229433259958887&pid=11528&ref=&hn_ver=10&fid=9218226a-f5e3-4001-b85a-347dc26837cb
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.gif
dmp.truoptik.com/0362536315099b06/
0
0
Image
General
Full URL
https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=9218226a-f5e3-4001-b85a-347dc26837cb&fck=6d4b52ed08f260be&cbp=dsp_uid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.91.60 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

sync
pool.grid-data.bidswitch.net/
0
0

ac
ww1097.smartadserver.com/
22 B
2 KB
Script
General
Full URL
http://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=843856576&tag=sas_30012&sh=1200&sw=1600&pgDomain=http%3A%2F%2Furlz.fr%2Fb2SE&hb_bid=rubicon&hb_cpm=0.01659&hb_ccy=USD&noadcbk=sas.noad
Requested by
Host: ced-ns.sascdn.com
URL: http://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 01:30:12 GMT
Content-Encoding
gzip
X-SMRT-D
3%3b19%3b139
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control
no-cache, no-store
Content-Type
application/javascript; charset=utf-8
Content-Length
140
Expires
-1
Primary Request /
www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/
3 KB
1 KB
Document
General
Full URL
http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
Requested by
Host: urlz.fr
URL: http://urlz.fr/b2SE
Protocol
HTTP/1.1
Server
195.208.1.104 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
std-carp4-http.nic.ru
Software
openresty/1.13.6.2 / PHP/5.6.39
Resource Hash
585bbd84a27ad53e0f6ad995618bc2b356df2ce113c1458fec97f47b8f76683b

Request headers

Host
www.shkola41.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b2SE
Accept-Encoding
gzip, deflate

Response headers

Server
openresty/1.13.6.2
Date
Wed, 13 Nov 2019 01:30:13 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.39
Content-Encoding
gzip
/
track.adform.net/adfscript/ Frame 2D3C
0
0

1a021cc4-b7b4-4441-bf04-dbca06e7aa59
beacon-eu2.rubiconproject.com/beacon/d/ Frame 2D3C
43 B
268 B
Image
General
Full URL
http://beacon-eu2.rubiconproject.com/beacon/d/1a021cc4-b7b4-4441-bf04-dbca06e7aa59?oo=0&accountId=11740&siteId=39544&zoneId=1078310&sizeId=2&e=6A1E40E384DA563B247AB785C0CFA750B1E4BED125B1C531AC0D6D9D13A186DFD1F4C75EE37FDCE204B77DBAC222336DE4A9AFA6E089EF8439966080A4671BA3709A92499BF55BDC039DED0A75E0BE0DCA6BF51C0B6B2F712AB6FC236D7B416FAFD6CF086BA66611EFF5C7CFD889081AF399AC5A06E2B8601F297939FC11D1663C253FD3DEF92B169C3682AE97B144F9C906E3D99347F00CE88D14A8E282D0F957B11AC6972062F2F0138437831A15B1F3CBF984B36CCC37F2981DBD6646EECB2C6772BC8EA3243A9DA5FA8A755BAEB9
Requested by
Host: urlz.fr
URL: http://urlz.fr/b2SE
Protocol
HTTP/1.1
Server
69.173.144.154 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash

Request headers

Referer
http://urlz.fr/b2SE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 01:30:13 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/webp
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
index.css
www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/
7 KB
2 KB
Stylesheet
General
Full URL
http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/index.css
Requested by
Host: www.shkola41.ru
URL: http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
Protocol
HTTP/1.1
Server
195.208.1.104 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
std-carp4-http.nic.ru
Software
openresty/1.13.6.2 /
Resource Hash
03287260cdfdeb9126fc4d36c82463e1d70a6d4b5f55ebbfbda7dca0de1b9fbf

Request headers

Referer
http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:30:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Sep 2019 14:49:40 GMT
Server
openresty/1.13.6.2
ETag
W/"1afa-5934da56a4883"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
addfollowers.png
www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/
140 KB
140 KB
Image
General
Full URL
http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/addfollowers.png
Requested by
Host: www.shkola41.ru
URL: http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
Protocol
HTTP/1.1
Server
195.208.1.104 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
std-carp4-http.nic.ru
Software
openresty/1.13.6.2 /
Resource Hash
1ba0a5c75f77766c306f89e2a05df70196ba135e65d93e968532db32ca5a3961

Request headers

Referer
http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 01:30:13 GMT
Last-Modified
Tue, 24 Sep 2019 14:49:40 GMT
Server
openresty/1.13.6.2
ETag
"22fc3-5934da56a19a3"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143299
/
onlyadshere.info/
Redirect Chain
  • http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/ufjoc64vf_f.png
  • http://onlyadshere.info/
  • https://onlyadshere.info/
0
0
Image
General
Full URL
https://onlyadshere.info/
Requested by
Host: www.shkola41.ru
URL: http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/?cat=1&pid=2&i=1458914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5083 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.shkola41.ru/80156//OCJouNVxMUYX8TF/fcbg/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Date
Wed, 13 Nov 2019 01:30:13 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://onlyadshere.info/
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
534cfaa90a9a8c86-VIE
Expires
Wed, 13 Nov 2019 02:30:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
Domain
script.4dex.io
URL
https://script.4dex.io/adagio.js
Domain
c.tmyzer.com
URL
http://c.tmyzer.com/c/?s=15056&f=28&fi=0
Domain
c.tmyzer.com
URL
http://c.tmyzer.com/c/?s=99999999&f=99999999&fi=0
Domain
ads.avocet.io
URL
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D9218226a-f5e3-4001-b85a-347dc26837cb
Domain
pool.grid-data.bidswitch.net
URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Domain
track.adform.net
URL
http://track.adform.net/adfscript/?bn=33840285;rtbwp=7ACC54D1E2597AA3;rtbdata=3xUQHRdb82BXDm-riwbqkRjnGbCTvkk0dAEmHTd8wDrao8D_YLy1s23BxwIWqjSNGxecdqKS51spumvIvVlx4Ww2zNhSuQK_39ylcwln_5ZY_LXvltSz9CcPpt6SAMZxikSyMY6XAlxEXMoFgYU56c2dbAd0z6yaFS54yIRaxKR630HoPH95pKkgMNX8G5kfEGkvyaRJLRG_X-MPY2AlIdKb8zKBUnyDSAWVgExTW7Y1;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/1a021cc4-b7b4-4441-bf04-dbca06e7aa59/

Verdicts & Comments

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate

0 Cookies

1 Console Messages

Source Level URL
Text
console-api error URL: http://player.pepsia.com/sdk.js?d=16e6261e3f6(Line 4)
Message:
%c Pepsia.com Player #0 background: #ccc; color: #2176ff Site Désactivé !

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
